commit 54348201f7cce9c0c01e9d4835714a2fec55c67c Merge: f58cdb3 a8dd279 Author: Nick Mathewson <nickm@torproject.org> Date: Wed Sep 3 13:29:43 2014 -0400 Merge remote-tracking branch 'intrigeri/bug12939-systemd-no-new-privileges' Conflicts: contrib/dist/tor.service.in changes/bug12939-systemd-no-new-privileges | 4 ++++ contrib/dist/tor.service.in | 1 + 2 files changed, 5 insertions(+) diff --cc contrib/dist/tor.service.in index 8c70ccc,c4709a7..20ceecf --- a/contrib/dist/tor.service.in +++ b/contrib/dist/tor.service.in @@@ -19,9 -19,7 +19,10 @@@ PrivateTmp = ye DeviceAllow = /dev/null rw DeviceAllow = /dev/urandom r InaccessibleDirectories = /home +ReadOnlyDirectories = / +ReadWriteDirectories = @LOCALSTATEDIR@/lib/tor +ReadWriteDirectories = @LOCALSTATEDIR@/log/tor + NoNewPrivileges = yes [Install] WantedBy = multi-user.target